[lintian] 01/01: Check for packages that should specify Rules-Require-Root. (Closes: #886479)
This is an automated email from the git hooks/post-receive script.
lamby pushed a commit to branch master
in repository lintian.
commit aaa04fa352ec411840e6365d7a2c219bb0c86235
Author: Chris Lamb <lamby@debian.org>
Date: Sat Jan 6 23:00:35 2018 +0000
Check for packages that should specify Rules-Require-Root. (Closes: #886479)
---
checks/control-file.desc | 20 ++++++++++++++++++++
checks/control-file.pm | 16 +++++++++++++++-
debian/changelog | 3 +++
3 files changed, 38 insertions(+), 1 deletion(-)
diff --git a/checks/control-file.desc b/checks/control-file.desc
index 000f148..820fc4d 100644
--- a/checks/control-file.desc
+++ b/checks/control-file.desc
@@ -330,3 +330,23 @@ Severity: classification
Certainty: certain
Info: Package requires fakeroot or similar to build binary targets and explicitly declares it.
Ref: /usr/share/doc/dpkg-dev/rootless-builds.txt.gz
+
+Tag: should-specify-rules-requires-root
+Severity: wishlist
+Certainty: certain
+Info: This package builds a binary package containing at least one path
+ with a UNIX ownership other than "root:root". It therefore requires
+ <tt>fakeroot(1)</tt> or similar to build its binary targets.
+ .
+ Traditionally, Debian packages have required root privileges for some
+ debian/rules target requiring a split between build and binary targets.
+ This makes the builds slower due to the increased amount of invocations
+ as well as the overhead of fakeroot itself.
+ .
+ By declaring when a package really does require root privileges the
+ default, archive-wide, behaviour can be switched, optimising packaging
+ build times in the common case.
+ .
+ Please specify (eg.) <tt>Rules-Requires-Root: binary-targets</tt> in
+ the <tt>debian/control</tt> source stanza.
+Ref: /usr/share/doc/dpkg-dev/rootless-builds.txt.gz
diff --git a/checks/control-file.pm b/checks/control-file.pm
index 0976964..ea995c0 100644
--- a/checks/control-file.pm
+++ b/checks/control-file.pm
@@ -47,7 +47,7 @@ my $KNOWN_DBG_PACKAGE = Lintian::Data->new(
});
sub run {
- my ($pkg, undef, $info) = @_;
+ my ($pkg, undef, $info, undef, $group) = @_;
my $debian_dir = $info->index_resolved_path('debian/');
my $dcontrol;
$dcontrol = $debian_dir->child('control') if $debian_dir;
@@ -381,6 +381,20 @@ sub run {
tag 'rules-requires-root-implicitly';
}
+ if ($info->source_field('rules-requires-root', 'no') eq 'no') {
+ BINARY:
+ foreach my $proc ($group->get_binary_processables) {
+ my $pkg = $proc->pkg_name;
+ foreach my $file ($proc->info->sorted_index) {
+ my $owner = $file->owner . ':' . $file->group;
+ next if $owner ne 'root:root';
+ tag 'should-specify-rules-requires-root', $pkg, $file,
+ "($owner)";
+ last BINARY;
+ }
+ }
+ }
+
# find binary packages that Pre-Depend on multiarch-support without going
# via ${misc:Pre-Depends}
if ($info->source_field('build-depends')) {
diff --git a/debian/changelog b/debian/changelog
index 36178fe..5149306 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -9,6 +9,9 @@ lintian (2.5.68) UNRELEASED; urgency=medium
when matching autotools-pkg-config-macro-not-cross-compilation-safe
by skipping comment lines. (Closes: #886297)
+ [FL] Fix version parsing for native packages.
+ * checks/control-file.{desc.pm}:
+ + [CL] Check for packages that should specify Rules-Require-Root.
+ (Closes: #886479)
* checks/debconf.pm:
+ [CL] Don't warn about unknown template type "entropy" when a package
depends on cdebconf. (Closes: #677870)
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/lintian/lintian.git
Reply to: